908419 matches found
DSA-3092-1 icedove - security update
Bulletin has no description...
BIT-GITLAB-2024-7057 Improper Access Control in GitLab
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 16.7 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where job artifacts can be inappropriately exposed to users lacking the proper authorization level...
BIT-GITLAB-2024-7091 Exposure of Sensitive Information to an Unauthorized Actor in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.0.5, starting from 17.1 prior to 17.1.3, and starting from 17.2 prior to 17.2.1 where it was possible to disclose limited information of an exported group or project to another user...
BIT-APACHE-2021-26691 Apache HTTP Server mod_session response handling heap overflow
In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server could cause a heap overflow...
ASB-A-123700107
In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation...
ASB-A-129476618
In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing background data usage or launching from the background, with no additional execution privileges needed. User...
CVE-2022-47112
7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected...
BIT-GITLAB-2024-9773 Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 14.9 before 17.8.6, all versions starting from 17.9 before 17.8.3, all versions starting from 17.10 before 17.10.1. An input validation issue in the Harbor registry integration could have allowed a maintainer to add malicio...
MAL-2024-10319 Malicious code in appdynamics-libagent-napi (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b3ccb8490c24108245e9e5e4893518e881e48f0dafa4b0ad152ab458de4e7b1b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
BIT-GITLAB-2024-7060 Exposure of Sensitive Information to an Unauthorized Actor in GitLab
An information disclosure vulnerability in GitLab CE/EE in project/group exports affecting all versions from 15.4 prior to 17.0.5, 17.1 prior to 17.1.3, and 17.2 prior to 17.2.1 allows unauthorized users to view the resultant export...
GHSA-JWVW-V7C5-M82H protobuf susceptible to buffer overflow
protobuf allows remote authenticated attackers to cause a heap-based buffer overflow...
BIT-ELASTICSEARCH-2024-52981
An issue was discovered in Elasticsearch, where a large recursion using the Well-KnownText formatted string with nested GeometryCollection objects could cause a stackoverflow...
BIT-GITLAB-2023-4379 Incorrect Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated...
CVE-2023-24249
An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2025-30373 Graylog Authenticated HTTP inputs do ingest message even if Authorization header is missing or has wrong value
Graylog is a free and open log management platform. Starting with 6.1, HTTP Inputs can be configured to check if a specified header is present and has a specified value to authenticate HTTP-based ingestion. Unfortunately, even though in cases of a missing header or a wrong value the correct HTTP...
MAL-2022-2945 Malicious code in extraneous-dev-dep (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e08815dacf458e78940833dd89e08a808779aabda6f12833e3ca42e28a3d0cdf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
RUSTSEC-2021-0073 Conversion from `prost_types::Timestamp` to `SystemTime` can cause an overflow and panic
Affected versions of this crate contained a bug in which untrusted input could cause an overflow and panic when converting a Timestamp to SystemTime. It is recommended to upgrade to prost-types v0.8 and switch the usage of From for SystemTime to TryFrom for SystemTime. See 438 for more informatio...
GHSA-XRX6-FMXQ-RJJ2 Timing attacks in python-rsa
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA...
ASB-A-134155286
In parseNextBox of IsoInterface.java, there is a possible leak of unredacted location information due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...
DSA-3746-1 graphicsmagick - security update
Bulletin has no description...
BIT-GITLAB-2024-8177 Inefficient Algorithmic Complexity in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 15.6 prior to 17.4.5, starting from 17.5 prior to 17.5.3, starting from 17.6 prior to 17.6.1 which could cause Denial of Service via integrating a malicious harbor registry...
DSA-5730-1 linux - security update
Bulletin has no description...
BIT-PYTHON-2021-3737
A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability...
BIT-APACHE-2022-22721 core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody
If LimitXMLRequestBody is set to allow request bodies larger than 350MB defaults to 1M on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier...
CVE-2022-36760
Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions...
OSV-2022-763 Heap-buffer-overflow in sqlite3VdbeExec
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50466 Crash type: Heap-buffer-overflow READ Crash state: sqlite3VdbeExec sqlite3step osquery::readRows...
GHSA-RPRW-H62V-C2W7 PyYAML insecurely deserializes YAML strings leading to arbitrary code execution
In PyYAML before 5.1, the yaml.load API could execute arbitrary code. In other words, yaml.safeload is not used. This was intended to be fixed in 4.1, but due to breaking changes, 4.1 was yanked and 5.1 contains the patch for CVE-2017-18342...
MAL-2025-36856 Malicious code in thunder-iris-jur448-project (npm)
The package thunder-iris-jur448-project was found to contain malicious code...
BIT-MARIADB-2023-52970
MariaDB Server 10.4 through 10.5., 10.6 through 10.6., 10.7 through 10.11., 11.0 through 11.0., and 11.1 through 11.4. crashes in Itemdirectviewref::derivedfieldtransformerforwhere...
GHSA-8HQG-WHRW-PV92 Ollama does not validate the format of the digest (sha256 with 64 hex digits)
Ollama before 0.1.34 does not validate the format of the digest sha256 with 64 hex digits when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring...
MAL-2022-276 Malicious code in @flameshot-org/fetlife-assets (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dfc208be31b8f932d6175ac98e7ddc5249c25d6e735a9af5a2c8266770cb9a45 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GHSA-GX3F-HQ7P-8FXV Code injection in spring-cloud-netflix-hystrix-dashboard
Applications using the spring-cloud-netflix-hystrix-dashboard expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at /hystrix/monitor;user-provided data, the path elements following hystrix/monitor are being evaluated ...
BIT-GITLAB-2024-7296 Incorrect Authorization in GitLab
An issue was discovered in GitLab EE affecting all versions from 16.5 prior to 17.7.7, 17.8 prior to 17.8.5, and 17.9 prior to 17.9.2 which allowed a user with a custom permission to approve pending membership requests beyond the maximum number of allowed users...
GHSA-QQHQ-8R2C-C3F5 nvdApiKey is logged in debug mode
Summary The value of nvdApiKey configuration parameter is logged in clear text in debug mode. Details The NVD API key is a kind of secret and should be treated like other secrets when logging in debug mode. Expecting the same behavior as for several password configurations: just print Note that...
ASB-A-291299076
In createFromParcel of UsbConfiguration.java, there is a possible background activity launch BAL due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2022-37434
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call...
BIT-GITLAB-2024-8402 Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab
An issue was discovered in GitLab EE affecting all versions starting from 17.2 before 17.7.7, all versions starting from 17.8 before 17.8.5, all versions starting from 17.9 before 17.9.2. An input validation issue in the Google Cloud IAM integration feature could have enabled a Maintainer to...
BELL-CVE-2024-12254
Bulletin has no description...
CVE-2023-46809
Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed when performing RSA descryption using a privat...
GO-2022-0846 Gitea Remote Code Execution in github.com/go-gitea/gitea
Gitea Remote Code Execution in github.com/go-gitea/gitea...
BIT-GITLAB-2024-7554 Exposure of Sensitive Information to an Unauthorized Actor in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.0.6, all versions starting from 17.1 before 17.1.4, all versions starting from 17.2 before 17.2.2. Under certain conditions, access tokens may have been logged when an API request was made in a specif...
BIT-WORDPRESS-MULTISITE-2021-29447 WordPress Authenticated XXE attack when installation is running PHP 8
Wordpress is an open source CMS. A user with the ability to upload files like an Author can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has...
CVE-2024-24558 react-query-streamed-hydration xss
TanStack Query supplies asynchronous state management, server-state utilities and data fetching for the web. The @tanstack/react-query-next-experimental NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this, an attacker would need to either inject malicious input or...
GHSA-7MMC-22G7-3XQ2 Moodle SQL Injection vulnerability
The vulnerability was found Moodle which exists due to insufficient sanitization of user-supplied data in external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database...
GHSA-HRHX-6H34-J5HC Skip the router TLS configuration when the host header is an FQDN
Impact People that configure mTLS between Traefik and clients. For a request, the TLS configuration choice can be different than the router choice, which implies the use of a wrong TLS configuration. - When sending a request using FQDN handled by a router configured with a dedicated TLS...
ASB-A-140256621
In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass due to an incorrect permission check. This could lead to local escalation of privilege that allows instant apps access to permissions not allowed for instant apps, with no additional execution privileges...
CGA-3P7C-2H7X-XXJX
Bulletin has no description...
BIT-GITLAB-2024-8974 Incorrect Provision of Specified Functionality in GitLab
Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauthorised user the path of a private project."...
GHSA-257Q-PV89-V3XV Duplicate Advisory: jQuery Cross Site Scripting vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-jpcq-cgw6-v4j6. This link is maintained to preserve external references. Original Description Cross Site Scripting vulnerability in jQuery v.2.2.0 until v.3.5.0 allows a remote attacker to execute arbitrary code...
GO-2022-0493 Incorrect privilege reporting in syscall and golang.org/x/sys/unix
When called with a non-zero flags parameter, the Faccessat function can incorrectly report that a file is accessible...